00001 <?php
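/**
 * Resource model for API users: persistence for the 'api/user' table plus the
 * related 'api/session' and 'api/role' tables.
 *
 * Security notes for maintainers:
 *  - Every value that reaches SQL is bound or quoted through the adapter. Model
 *    getters are not a trust boundary; their values may originate from request
 *    input, so no condition is built by string interpolation.
 *  - Several methods treat a non-positive user id as "no user" and do nothing.
 */
class Mage_Api_Model_Mysql4_User extends Mage_Core_Model_Mysql4_Abstract
{
    /**
     * Bind this resource to the 'api/user' table, keyed by 'user_id'.
     */
    protected function _construct()
    {
        $this->_init('api/user', 'user_id');
    }

    /**
     * Declare the fields that must be unique: e-mail and user name.
     *
     * @return Mage_Api_Model_Mysql4_User
     */
    protected function _initUniqueFields()
    {
        $helper = Mage::helper('api');
        $this->_uniqueFields = array(
            array(
                'field' => 'email',
                'title' => $helper->__('Email')
            ),
            array(
                'field' => 'username',
                'title' => $helper->__('User Name')
            ),
        );
        return $this;
    }

    /**
     * Store an incremented login counter for the user.
     *
     * NOTE(review): the new value is computed in PHP from the counter held by
     * the model, so two concurrent logins can write the same number.
     *
     * @param Mage_Api_Model_User $user
     * @return Mage_Api_Model_Mysql4_User
     */
    public function recordLogin(Mage_Api_Model_User $user)
    {
        $write = $this->_getWriteAdapter();
        $write->update(
            $this->getTable('api/user'),
            array('lognum' => $user->getLognum() + 1),
            $write->quoteInto('user_id=?', $user->getUserId())
        );
        return $this;
    }

    /**
     * Refresh the activity timestamp of the user's session row, creating the
     * row when none exists for this (user_id, sessid) pair, and copy the
     * timestamp onto the model.
     *
     * @param Mage_Api_Model_User $user
     * @return Mage_Api_Model_Mysql4_User
     */
    public function recordSession(Mage_Api_Model_User $user)
    {
        $read         = $this->_getReadAdapter();
        $write        = $this->_getWriteAdapter();
        $sessionTable = $this->getTable('api/session');
        $logdate      = now();

        $select = $read->select()
            ->from($sessionTable, 'user_id')
            ->where('user_id = ?', $user->getId())
            ->where('sessid = ?', $user->getSessid());

        if ($read->fetchRow($select)) {
            $write->update(
                $sessionTable,
                array('logdate' => $logdate),
                $write->quoteInto('user_id = ?', $user->getId()) . ' AND '
                . $write->quoteInto('sessid = ?', $user->getSessid())
            );
        } else {
            $write->insert(
                $sessionTable,
                array(
                    'user_id' => $user->getId(),
                    'logdate' => $logdate,
                    'sessid'  => $user->getSessid()
                )
            );
        }
        $user->setLogdate($logdate);
        return $this;
    }

    /**
     * Delete the user's session rows whose logdate is older than the
     * configured 'api/config/session_timeout' (seconds).
     *
     * The timeout is cast to int before it is placed in the SQL text, so a
     * malformed configuration value cannot alter the statement. An empty or
     * non-numeric value therefore becomes 0, which expires every session of
     * this user whose logdate lies in the past.
     *
     * @param Mage_Api_Model_User $user
     * @return Mage_Api_Model_Mysql4_User
     */
    public function cleanOldSessions(Mage_Api_Model_User $user)
    {
        $timeout = (int) Mage::getStoreConfig('api/config/session_timeout');
        $write   = $this->_getWriteAdapter();
        $write->delete(
            $this->getTable('api/session'),
            $write->quoteInto('user_id = ?', $user->getId()) . ' AND '
            . $write->quoteInto('(UNIX_TIMESTAMP(?) - UNIX_TIMESTAMP(logdate)) > ', now())
            . $timeout
        );
        return $this;
    }

    /**
     * Fetch the user row for a user name (bound as a named parameter).
     *
     * @param string $username
     * @return array|false whatever the adapter's fetchRow() returns
     */
    public function loadByUsername($username)
    {
        $read   = $this->_getReadAdapter();
        $select = $read->select()
            ->from($this->getTable('api/user'))
            ->where('username=:username');
        return $read->fetchRow($select, array('username' => $username));
    }

    /**
     * Resolve a session id to the merged user + session rows.
     *
     * The lookup filters on sessid only: it does not compare logdate with the
     * session timeout, so expiry has to be enforced by the caller. The result
     * carries every column of both rows; on a name clash the session row's
     * value wins.
     *
     * @param string $sessId
     * @return array empty when the session or its user is not found
     */
    public function loadBySessId ($sessId)
    {
        $read = $this->_getReadAdapter();

        $sessionSelect = $read->select()
            ->from($this->getTable('api/session'))
            ->where('sessid = ?', $sessId);
        $apiSession = $read->fetchRow($sessionSelect);
        if (!$apiSession) {
            return array();
        }

        $userSelect = $read->select()
            ->from($this->getTable('api/user'))
            ->where('user_id = ?', $apiSession['user_id']);
        $user = $read->fetchRow($userSelect);
        if (!$user) {
            return array();
        }

        return array_merge($user, $apiSession);
    }

    /**
     * Delete the session row(s) carrying the given session id.
     *
     * @param string $sessid
     * @return Mage_Api_Model_Mysql4_User
     */
    public function clearBySessId($sessid)
    {
        $write = $this->_getWriteAdapter();
        $write->delete(
            $this->getTable('api/session'),
            $write->quoteInto('sessid = ?', $sessid)
        );
        return $this;
    }

    /**
     * Fetch the role rows (parent_id > 0) assigned to a user.
     *
     * The id is bound instead of interpolated: is_numeric() also accepts
     * forms such as padded or exponent notation, which should not be pasted
     * into SQL text as-is.
     *
     * @param int|string|Mage_Core_Model_Abstract $user numeric id or a model
     * @return array|null null when no positive user id can be derived
     */
    public function hasAssigned2Role($user)
    {
        if (is_numeric($user)) {
            $userId = $user;
        } elseif ($user instanceof Mage_Core_Model_Abstract) {
            $userId = $user->getUserId();
        } else {
            return null;
        }

        if ($userId > 0) {
            $dbh    = $this->_getReadAdapter();
            $select = $dbh->select()
                ->from($this->getTable('api/role'))
                ->where('parent_id > 0')
                ->where('user_id = ?', $userId);
            return $dbh->fetchAll($select);
        }

        return null;
    }

    /**
     * Stamp the model before saving: 'created' for a model without an id,
     * 'modified' always. Both use the same timestamp.
     *
     * @param Mage_Core_Model_Abstract $user
     * @return Mage_Api_Model_Mysql4_User
     */
    protected function _beforeSave(Mage_Core_Model_Abstract $user)
    {
        $now = now();
        if (!$user->getId()) {
            $user->setCreated($now);
        }
        $user->setModified($now);
        return $this;
    }

    /**
     * Load a user; delegates unchanged to the parent resource model.
     *
     * @param Mage_Core_Model_Abstract $user
     * @param mixed $value
     * @param string|null $field
     * @return mixed the parent's return value
     */
    public function load(Mage_Core_Model_Abstract $user, $value, $field=null)
    {
        return parent::load($user, $value, $field);
    }

    /**
     * Delete the user row and the user's role rows in one transaction.
     *
     * A model without a positive id is rejected up front. Other methods in
     * this class already treat such ids as "no user"; without the check the
     * role delete would run with user_id = 0 (presumably the value carried by
     * rows not tied to a user -- verify against the schema).
     *
     * The transaction is rolled back on every failure path, including the one
     * that rethrows, so no transaction is left open on the shared adapter.
     *
     * @param Mage_Core_Model_Abstract $user
     * @return bool true on commit, false when nothing was deleted
     * @throws Mage_Core_Exception
     */
    public function delete(Mage_Core_Model_Abstract $user)
    {
        $uid = (int) $user->getId();
        if ($uid <= 0) {
            return false;
        }

        $dbh = $this->_getWriteAdapter();
        $dbh->beginTransaction();
        try {
            $dbh->delete($this->getTable('api/user'), $dbh->quoteInto('user_id = ?', $uid));
            $dbh->delete($this->getTable('api/role'), $dbh->quoteInto('user_id = ?', $uid));
        } catch (Mage_Core_Exception $e) {
            $dbh->rollBack();
            throw $e;
        } catch (Exception $e) {
            $dbh->rollBack();
            return false;
        }
        $dbh->commit();
        return true;
    }

    /**
     * Replace the user's role rows with one row per id in getRoleIds().
     *
     * Returns the model untouched when no role ids are set. On the write path
     * nothing is returned (null), as before. A model without a positive id is
     * skipped before any statement runs; previously that case only failed
     * because the interpolated condition was invalid SQL.
     *
     * NOTE(review): a non-Mage exception is rolled back and swallowed, so the
     * caller cannot tell that the roles were not saved; consider logging it.
     *
     * @param Mage_Core_Model_Abstract $user
     * @return Mage_Core_Model_Abstract|null
     * @throws Mage_Core_Exception
     */
    public function _saveRelations(Mage_Core_Model_Abstract $user)
    {
        $rolesIds = $user->getRoleIds();
        if (!is_array($rolesIds) || count($rolesIds) == 0) {
            return $user;
        }

        $userId = (int) $user->getId();
        if ($userId <= 0) {
            return null;
        }

        $write     = $this->_getWriteAdapter();
        $roleTable = $this->getTable('api/role');

        $write->beginTransaction();
        try {
            $write->delete($roleTable, $write->quoteInto('user_id = ?', $userId));
            foreach ($rolesIds as $rid) {
                $write->insert($roleTable, array(
                    'parent_id'  => intval($rid),
                    // The parent level was never looked up here; rows have
                    // always been written with level 0 + 1.
                    'tree_level' => 1,
                    'sort_order' => 0,
                    'role_type'  => 'U',
                    'user_id'    => $userId,
                    'role_name'  => $user->getFirstname()
                ));
            }
            $write->commit();
        } catch (Mage_Core_Exception $e) {
            $write->rollBack();
            throw $e;
        } catch (Exception $e) {
            $write->rollBack();
        }
    }

    /**
     * Return the role_id values of the 'G'-type roles that are parents of the
     * user's role rows.
     *
     * @param Mage_Core_Model_Abstract $user
     * @return array empty for a model without id or when nothing matches
     */
    public function _getRoles(Mage_Core_Model_Abstract $user)
    {
        if (!$user->getId()) {
            return array();
        }

        $table  = $this->getTable('api/role');
        $read   = $this->_getReadAdapter();
        $select = $read->select()
            ->from($table, array())
            ->joinLeft(
                array('ar' => $table),
                "(ar.role_id = `{$table}`.parent_id and ar.role_type = 'G')",
                array('role_id')
            )
            ->where("`{$table}`.user_id = ?", $user->getId());

        $roles = $read->fetchCol($select);
        return $roles ? $roles : array();
    }

    /**
     * Drop the user's current role rows and insert one row under getRoleId().
     *
     * For a model without id the parent level is taken as 0. The previous
     * code put an array in place of the role model there and then called a
     * method on it, which is a fatal error.
     *
     * @param Mage_Core_Model_Abstract $user
     * @return Mage_Api_Model_Mysql4_User
     */
    public function add(Mage_Core_Model_Abstract $user)
    {
        $dbh       = $this->_getWriteAdapter();
        $roleTable = $this->getTable('api/role');

        // hasAssigned2Role() returns null when the user has no usable id.
        $aRoles = $this->hasAssigned2Role($user);
        if (is_array($aRoles)) {
            foreach ($aRoles as $data) {
                $dbh->delete($roleTable, $dbh->quoteInto('role_id = ?', $data['role_id']));
            }
        }

        $parentLevel = 0;
        if ($user->getId() > 0) {
            $parentLevel = (int) Mage::getModel('api/role')
                ->load($user->getRoleId())
                ->getTreeLevel();
        }

        $dbh->insert($roleTable, array(
            'parent_id'  => $user->getRoleId(),
            'tree_level' => $parentLevel + 1,
            'sort_order' => 0,
            'role_type'  => 'U',
            'user_id'    => $user->getUserId(),
            'role_name'  => $user->getFirstname()
        ));

        return $this;
    }

    /**
     * Remove the user's row under one parent role. Does nothing unless both
     * the user id and the role id are positive.
     *
     * @param Mage_Core_Model_Abstract $user
     * @return Mage_Api_Model_Mysql4_User
     */
    public function deleteFromRole(Mage_Core_Model_Abstract $user)
    {
        if ($user->getUserId() <= 0 || $user->getRoleId() <= 0) {
            return $this;
        }

        $dbh       = $this->_getWriteAdapter();
        $roleTable = $this->getTable('api/role');
        $condition = "`{$roleTable}`.user_id = " . $dbh->quote($user->getUserId())
            . " AND `{$roleTable}`.parent_id = " . $dbh->quote($user->getRoleId());
        $dbh->delete($roleTable, $condition);
        return $this;
    }

    /**
     * Look up the role row linking this user to getRoleId().
     *
     * Both ids are bound; they were previously interpolated into the WHERE
     * text straight from the model.
     *
     * @param Mage_Core_Model_Abstract $user
     * @return array first column of the matching rows; empty for a user
     *               without a positive id
     */
    public function roleUserExists(Mage_Core_Model_Abstract $user)
    {
        if ($user->getUserId() > 0) {
            $dbh    = $this->_getReadAdapter();
            $select = $dbh->select()
                ->from($this->getTable('api/role'))
                ->where('parent_id = ?', $user->getRoleId())
                ->where('user_id = ?', $user->getUserId());
            return $dbh->fetchCol($select);
        }

        return array();
    }

    /**
     * Find another user (different user_id) with the same user name or
     * e-mail address.
     *
     * User name and e-mail are free text and were previously placed between
     * quotes in the WHERE clause without escaping, which allowed SQL
     * injection. They are now passed as named bind parameters, the style
     * loadByUsername() already uses. The casts keep the comparison semantics
     * of the old query for unset values ('' and 0 instead of NULL).
     *
     * @param Mage_Core_Model_Abstract $user
     * @return array|false whatever the adapter's fetchRow() returns
     */
    public function userExists(Mage_Core_Model_Abstract $user)
    {
        $usersTable = $this->getTable('api/user');
        $read       = $this->_getReadAdapter();
        $select     = $read->select()
            ->from($usersTable)
            ->where("({$usersTable}.username = :username OR {$usersTable}.email = :email)")
            ->where("{$usersTable}.user_id != :user_id");

        return $read->fetchRow($select, array(
            'username' => (string) $user->getUsername(),
            'email'    => (string) $user->getEmail(),
            'user_id'  => (int) $user->getId()
        ));
    }
}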